puma 4.2.0 → 4.3.1

data/lib/puma/cli.rb

@@ -162,7 +162,7 @@ module Puma
           end
 
           o.on "--extra-runtime-dependencies GEM1,GEM2", "Defines any extra needed gems when using --prune-bundler" do |arg|
-            c.extra_runtime_dependencies arg.split(',')
+            user_config.extra_runtime_dependencies arg.split(',')
           end
 
           o.on "-q", "--quiet", "Do not log requests internally (default true)" do

data/lib/puma/client.rb

@@ -9,8 +9,8 @@ class IO
 end
 
 require 'puma/detect'
-require 'puma/delegation'
 require 'tempfile'
+require 'forwardable'
 
 if Puma::IS_JRUBY
   # We have to work around some OpenSSL buffer/io-readiness bugs
@@ -41,7 +41,7 @@ module Puma
     EmptyBody = NullIO.new
 
     include Puma::Const
-    extend  Puma::Delegation
+    extend Forwardable
 
     def initialize(io, env=nil)
       @io = io
@@ -83,7 +83,7 @@ module Puma
 
     attr_accessor :remote_addr_header
 
-    forward :closed?, :@io
+    def_delegators :@io, :closed?
 
     def inspect
       "#<Puma::Client:0x#{object_id.to_s(16)} @ready=#{@ready.inspect}>"

data/lib/puma/cluster.rb

@@ -529,7 +529,6 @@ module Puma
         @suicide_pipe.close
         read.close
         @wakeup.close
-        @launcher.close_binder_unix_paths
       end
     end
 

data/lib/puma/const.rb

@@ -100,8 +100,8 @@ module Puma
   # too taxing on performance.
   module Const
 
-    PUMA_VERSION = VERSION = "4.2.0".freeze
-    CODE_NAME = "Distant Airhorns".freeze
+    PUMA_VERSION = VERSION = "4.3.1".freeze
+    CODE_NAME = "Mysterious Traveller".freeze
     PUMA_SERVER_STRING = ['puma', PUMA_VERSION, CODE_NAME].join(' ').freeze
 
     FAST_TRACK_KA_TIMEOUT = 0.2
@@ -118,6 +118,13 @@ module Puma
     # sending data back
     WRITE_TIMEOUT = 10
 
+    # How many requests to attempt inline before sending a client back to
+    # the reactor to be subject to normal ordering. The idea here is that
+    # we amortize the cost of going back to the reactor for a well behaved
+    # but very "greedy" client across 10 requests. This prevents a not
+    # well behaved client from monopolizing the thread forever.
+    MAX_FAST_INLINE = 10
+
     # The original URI requested by the client.
     REQUEST_URI= 'REQUEST_URI'.freeze
     REQUEST_PATH = 'REQUEST_PATH'.freeze

data/lib/puma/control_cli.rb

@@ -22,7 +22,7 @@ module Puma
       @control_auth_token = nil
       @config_file = nil
       @command = nil
-      @environment = ENV['RACK_ENV'] || "development"
+      @environment = ENV['RACK_ENV']
 
       @argv = argv.dup
       @stdout = stdout
@@ -82,8 +82,10 @@ module Puma
       @command = argv.shift
 
       unless @config_file == '-'
+        environment = @environment || 'development'
+
         if @config_file.nil?
-          @config_file = %W(config/puma/#{@environment}.rb config/puma.rb).find do |f|
+          @config_file = %W(config/puma/#{environment}.rb config/puma.rb).find do |f|
             File.exist?(f)
           end
         end
@@ -130,7 +132,7 @@ module Puma
         @pid = sf.pid
       elsif @pidfile
         # get pid from pid_file
-        @pid = File.open(@pidfile).gets.to_i
+        File.open(@pidfile) { |f| @pid = f.read.to_i }
       end
     end
 
@@ -139,6 +141,12 @@ module Puma
 
       # create server object by scheme
       server = case uri.scheme
+                when "ssl"
+                  require 'openssl'
+                  OpenSSL::SSL::SSLSocket.new(
+                    TCPSocket.new(uri.host, uri.port),
+                    OpenSSL::SSL::SSLContext.new
+                  ).tap(&:connect)
                 when "tcp"
                   TCPSocket.new uri.host, uri.port
                 when "unix"

data/lib/puma/dsl.rb

@@ -396,7 +396,7 @@ module Puma
     #     keystore_pass: password
     #   }
     def ssl_bind(host, port, opts)
-      verify = opts.fetch(:verify_mode, 'none')
+      verify = opts.fetch(:verify_mode, 'none').to_s
       no_tlsv1 = opts.fetch(:no_tlsv1, 'false')
       no_tlsv1_1 = opts.fetch(:no_tlsv1_1, 'false')
       ca_additions = "&ca=#{opts[:ca]}" if ['peer', 'force_peer'].include?(verify)
@@ -583,6 +583,8 @@ module Puma
     # new Bundler context and thus can float around as the release
     # dictates.
     #
+    # See also: extra_runtime_dependencies
+    #
     # @note This is incompatible with +preload_app!+.
     # @note This is only supported for RubyGems 2.2+
     def prune_bundler(answer=true)
@@ -603,7 +605,7 @@ module Puma
     end
 
     # When using prune_bundler, if extra runtime dependencies need to be loaded to
-    # initialize your app, then this setting can be used.
+    # initialize your app, then this setting can be used. This includes any Puma plugins.
     #
     # Before bundler is pruned, the gem names supplied will be looked up in the bundler
     # context and then loaded again after bundler is pruned.
@@ -612,7 +614,7 @@ module Puma
     # @example
     #   extra_runtime_dependencies ['gem_name_1', 'gem_name_2']
     # @example
-    #   extra_runtime_dependencies ['puma_worker_killer']
+    #   extra_runtime_dependencies ['puma_worker_killer', 'puma-heroku']
     def extra_runtime_dependencies(answer = [])
       @options[:extra_runtime_dependencies] = Array(answer)
     end

data/lib/puma/launcher.rb

@@ -184,6 +184,7 @@ module Puma
       when :exit
         # nothing
       end
+      @binder.close_unix_paths
     end
 
     # Return which tcp port the launcher is using, if it's using TCP
@@ -204,10 +205,6 @@ module Puma
       @binder.close_listeners
     end
 
-    def close_binder_unix_paths
-      @binder.close_unix_paths
-    end
-
     private
 
     # If configured, write the pid of the current process out

data/lib/puma/minissl/context_builder.rb

@@ -0,0 +1,76 @@
+module Puma
+  module MiniSSL
+    class ContextBuilder
+      def initialize(params, events)
+        require 'puma/minissl'
+        MiniSSL.check
+
+        @params = params
+        @events = events
+      end
+
+      def context
+        ctx = MiniSSL::Context.new
+
+        if defined?(JRUBY_VERSION)
+          unless params['keystore']
+            events.error "Please specify the Java keystore via 'keystore='"
+          end
+
+          ctx.keystore = params['keystore']
+
+          unless params['keystore-pass']
+            events.error "Please specify the Java keystore password  via 'keystore-pass='"
+          end
+
+          ctx.keystore_pass = params['keystore-pass']
+          ctx.ssl_cipher_list = params['ssl_cipher_list'] if params['ssl_cipher_list']
+        else
+          unless params['key']
+            events.error "Please specify the SSL key via 'key='"
+          end
+
+          ctx.key = params['key']
+
+          unless params['cert']
+            events.error "Please specify the SSL cert via 'cert='"
+          end
+
+          ctx.cert = params['cert']
+
+          if ['peer', 'force_peer'].include?(params['verify_mode'])
+            unless params['ca']
+              events.error "Please specify the SSL ca via 'ca='"
+            end
+          end
+
+          ctx.ca = params['ca'] if params['ca']
+          ctx.ssl_cipher_filter = params['ssl_cipher_filter'] if params['ssl_cipher_filter']
+        end
+
+        ctx.no_tlsv1 = true if params['no_tlsv1'] == 'true'
+        ctx.no_tlsv1_1 = true if params['no_tlsv1_1'] == 'true'
+
+        if params['verify_mode']
+          ctx.verify_mode = case params['verify_mode']
+                            when "peer"
+                              MiniSSL::VERIFY_PEER
+                            when "force_peer"
+                              MiniSSL::VERIFY_PEER | MiniSSL::VERIFY_FAIL_IF_NO_PEER_CERT
+                            when "none"
+                              MiniSSL::VERIFY_NONE
+                            else
+                              events.error "Please specify a valid verify_mode="
+                              MiniSSL::VERIFY_NONE
+                            end
+        end
+
+        ctx
+      end
+
+      private
+
+      attr_reader :params, :events
+    end
+  end
+end

data/lib/puma/reactor.rb

@@ -237,7 +237,8 @@ module Puma
                 ssl_socket = c.io
                 begin
                   addr = ssl_socket.peeraddr.last
-                rescue IOError
+                # EINVAL can happen when browser closes socket w/security exception
+                rescue IOError, Errno::EINVAL
                   addr = "<unknown>"
                 end
 

data/lib/puma/runner.rb

@@ -2,6 +2,7 @@
 
 require 'puma/server'
 require 'puma/const'
+require 'puma/minissl/context_builder'
 
 module Puma
   # Generic class that is used by `Puma::Cluster` and `Puma::Single` to
@@ -64,6 +65,12 @@ module Puma
       control.max_threads = 1
 
       case uri.scheme
+      when "ssl"
+          log "* Starting control server on #{str}"
+          params = Util.parse_query uri.query
+          ctx = MiniSSL::ContextBuilder.new(params, @events).context
+
+          control.add_ssl_listener uri.host, uri.port, ctx
       when "tcp"
         log "* Starting control server on #{str}"
         control.add_tcp_listener uri.host, uri.port

data/lib/puma/server.rb

@@ -9,13 +9,13 @@ require 'puma/null_io'
 require 'puma/reactor'
 require 'puma/client'
 require 'puma/binder'
-require 'puma/delegation'
 require 'puma/accept_nonblock'
 require 'puma/util'
 
 require 'puma/puma_http11'
 
 require 'socket'
+require 'forwardable'
 
 module Puma
 
@@ -32,7 +32,7 @@ module Puma
   class Server
 
     include Puma::Const
-    extend  Puma::Delegation
+    extend Forwardable
 
     attr_reader :thread
     attr_reader :events
@@ -89,10 +89,7 @@ module Puma
 
     attr_accessor :binder, :leak_stack_on_error, :early_hints
 
-    forward :add_tcp_listener,  :@binder
-    forward :add_ssl_listener,  :@binder
-    forward :add_unix_listener, :@binder
-    forward :connected_port,    :@binder
+    def_delegators :@binder, :add_tcp_listener, :add_ssl_listener, :add_unix_listener, :connected_port
 
     def inherit_binder(bind)
       @binder = bind
@@ -469,6 +466,8 @@ module Puma
         clean_thread_locals = @options[:clean_thread_locals]
         close_socket = true
 
+        requests = 0
+
         while true
           case handle_request(client, buffer)
           when false
@@ -482,7 +481,19 @@ module Puma
 
             ThreadPool.clean_thread_locals if clean_thread_locals
 
-            unless client.reset(@status == :run)
+            requests += 1
+
+            check_for_more_data = @status == :run
+
+            if requests >= MAX_FAST_INLINE
+              # This will mean that reset will only try to use the data it already
+              # has buffered and won't try to read more data. What this means is that
+              # every client, independent of their request speed, gets treated like a slow
+              # one once every MAX_FAST_INLINE requests.
+              check_for_more_data = false
+            end
+
+            unless client.reset(check_for_more_data)
               close_socket = false
               client.set_timeout @persistent_timeout
               @reactor.add client

data/lib/puma/single.rb

@@ -118,7 +118,6 @@ module Puma
       rescue Interrupt
         # Swallow it
       end
-      @launcher.close_binder_unix_paths
     end
   end
 end

data/lib/puma/thread_pool.rb

@@ -189,7 +189,7 @@ module Puma
     # request, it might not be added to the `@todo` array right away.
     # For example if a slow client has only sent a header, but not a body
     # then the `@todo` array would stay the same size as the reactor works
-    # to try to buffer the request. In tha scenario the next call to this
+    # to try to buffer the request. In that scenario the next call to this
     # method would not block and another request would be added into the reactor
     # by the server. This would continue until a fully bufferend request
     # makes it through the reactor and can then be processed by the thread pool.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: puma
 version: !ruby/object:Gem::Version
-  version: 4.2.0
+  version: 4.3.1
 platform: ruby
 authors:
 - Evan Phoenix
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-09-23 00:00:00.000000000 Z
+date: 2019-12-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nio4r
@@ -53,6 +53,7 @@ files:
 - docs/restart.md
 - docs/signals.md
 - docs/systemd.md
+- docs/tcp_mode.md
 - ext/puma_http11/PumaHttp11Service.java
 - ext/puma_http11/ext_help.h
 - ext/puma_http11/extconf.rb
@@ -79,8 +80,6 @@ files:
 - lib/puma/configuration.rb
 - lib/puma/const.rb
 - lib/puma/control_cli.rb
-- lib/puma/convenient.rb
-- lib/puma/delegation.rb
 - lib/puma/detect.rb
 - lib/puma/dsl.rb
 - lib/puma/events.rb
@@ -88,6 +87,7 @@ files:
 - lib/puma/jruby_restart.rb
 - lib/puma/launcher.rb
 - lib/puma/minissl.rb
+- lib/puma/minissl/context_builder.rb
 - lib/puma/null_io.rb
 - lib/puma/plugin.rb
 - lib/puma/plugin/tmp_restart.rb

data/lib/puma/convenient.rb

@@ -1,25 +0,0 @@
-# frozen_string_literal: true
-
-require 'puma/launcher'
-require 'puma/configuration'
-
-module Puma
-  def self.run(opts={})
-    cfg = Puma::Configuration.new do |user_config|
-      if port = opts[:port]
-        user_config.port port
-      end
-
-      user_config.quiet
-
-      yield c
-    end
-
-    cfg.clamp
-
-    events = Puma::Events.null
-
-    launcher = Puma::Launcher.new cfg, :events => events
-    launcher.run
-  end
-end

data/lib/puma/delegation.rb

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-module Puma
-  module Delegation
-    def forward(what, who)
-      module_eval <<-CODE
-        def #{what}(*args, &block)
-          #{who}.#{what}(*args, &block)
-        end
-      CODE
-    end
-  end
-end